[mdlug] /etc/sudoers -A rant and an attempt at better documentation
Daniel Hedlund
daniel at digitree.org
Sun Jan 7 10:37:05 EST 2007
Carl,
Carl T. Miller wrote:
> Notice that the original line will not let someone run "sudo
> mount -t ext2 /cdrom". It will only allow "sudo mount /cdrom".
> I would worry if it was like this:
> %users ALL=/sbin/mount * /cdrom, /sbin/umount /cdrom
One shouldn't need to run "mount -t ext2 /cdrom". I would think that it
would automatically detect the filesystem type through the use of its
"magic" identification system (ie. "file -Ls /dev/cdrom") or similar
methods.
> Daniel, you make a good point in that the entry for the cdrom
> drive in /etc/fstab should be set to iso9660 and not to auto.
Yes, auto is probably not ideal for a CD and could be corrected by
putting iso9960 instead of auto, but perhaps have "iso9660,udf,..."
there if comma separated lists are supported. This should be documented
in the sudoers file along with the example because newbies and others
might not think of the repercussions of uncommenting the example line;
admins might think "oh, that's what I'm looking for" and uncomment it
and not give it another thought.
Cheers,
Daniel Hedlund
daniel at digitree.org
More information about the mdlug
mailing list